Trader loses $68M worth of WBTC in address poisoning scam; how can you avoid this?

In a recent catastrophic event in the cryptocurrency world, a trader lost $68 million in Wrapped Bitcoin (WBTC) due to an address-poisoning scam. Address poisoning, also known as address spoofing, exploits the haste and carelessness of traders by tricking them into sending digital assets to fraudulent addresses controlled by scammers. 

 

This incident was first reported by the on-chain security firm Cyvers in a May 3 X post, which stated,

 

 “Are we mistaken, or has someone truly lost $68 million worth of $WBTC? Our system has detected another address falling victim to address poisoning, losing 1,155 $WBTC.”

 

The scam involved characters in both the fraudulent and the legitimate addresses starting with 0xd9A1 and ending with 853a91, leading to a critical mix-up.

The victim, identified by the wallet “0x1E,” reportedly lost over 97% of their total holdings, valued at approximately $67.8 million, as per data from CoinStats. This substantial loss comprised 1,155 WBTC, a token that mirrors Bitcoin’s value on the Ethereum network, making it as volatile as Bitcoin to the hacking and exploits that plague the Ethereum ecosystem.

To prevent such costly mistakes, digital wallet providers like Metamask advise users to avoid copying addresses from their transaction history. They recommend adding frequently used addresses to an address book and using only those that are whitelisted to ensure transactions are sent to the correct recipients. 

This case underscores the vulnerabilities inherent in digital asset transactions and the crucial need for vigilance.

Alphachain’s Take on crypto wallet security 

There are a few ways you can prevent such a mishap

  • Use ENS instead of a full wallet address. Chances are that even ENS might fail in ensuring identification. After all, it is also a software. Besides having an ENS you can also add addresses to your wallet. (ofcourse you name them in your contact list) 

  •  Be patient and ensure you check all the details carefully. This, my dear reader, is the toughest part. I know what you are thinking. Why is it tough? Well, crypto is a fast environment and it takes minutes for a hacker to get a hold of your wallet (if you get caught in the wind, you might lose) So, be thick skinned at times so that you don’t lose your skin in the game.

  • Don’t put all your money in one wallet. Meaning, create a decoy. Do not put all your funds in one place. (it may seem like a lot of work) But losing 60 mil. Guess you understand why I recommend distributing your funds in various wallets. (hackers tend to attack wallets that are loaded)

Sum up  

Stay vigilant, Be smart and take your time to check all details before you hit send. A bonus tip here: install web3 antivirus to keep your devices protected from scam attacks.